Own and operate the end-to-end enterprise cybersecurity program, including strategy, architecture, operations, governance, and compliance.
Establish a multi-year security roadmap aligned with business priorities, technology evolution, and regulatory requirements.
Drive program maturity, ensuring continuous improvement across all domains of cybersecurity. Ensure security is integrated into enterprise planning, product development, and operational execution.
Develop and maintain a risk-based cybersecurity investment framework to prioritize initiatives and allocate resources effectively.
Lead architectural decisions across: identity and access systems, data protection and encryption strategies, network and zero-trust architectures, secure platform design for clinical and genomic systems and for agentic workflows.
Present regular updates to executive leadership on cyber risk posture, threat landscape, program maturity, incident readiness and response. Lead Board-level discussions on cybersecurity strategy, risk tolerance, and investment priorities.
Define and execute a strategy for AI-assisted cybersecurity operations, leveraging machine learning, automation, and advanced analytics to enhance detection and response capabilities.
Build a highly automated, intelligence-driven SecOps function that minimizes manual intervention and improves speed and accuracy of threat identification and remediation.
Drive adoption and optimization of modern security platforms, including: Next-generation SIEM/SOAR, CNAPP / CSPM, EDR/XDR, Identity intelligence platforms. Leverage AI/ML to improve signal-to-noise ratio in security alerts, detect anomalous behavior across security domains, and automate triage, investigation, and response workflows
Integrate AI capabilities into threat intelligence, vulnerability management, and risk analysis processes. Continuously evaluate emerging AI security tools and capabilities, balancing innovation, risk, and operational value.
Oversee enterprise security operations including monitoring, detection, and response. Lead incident response and crisis management, ensuring rapid containment and recovery.
Own compliance strategy across frameworks including SOC 2, ISO 27001, and NIST. Ensure alignment with healthcare and global data protection regulations (HIPAA, GDPR, CCPA).

Requirements

20+ years of progressive cybersecurity leadership experience.
Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or a related technical field required. Advanced degree (Master’s or PhD) is strongly preferred.
Proven experience owning and operating an enterprise-wide cybersecurity program, including strategy, execution, and governance. Strong track record of building modern, engineering-led security organizations in cloud-native environments.
Comfortable operating in high-growth, high-complexity environments. Experience building and scaling security programs in cloud-native, high-growth environments.
Deep, practical expertise across: Cloud security architecture (CSPM, CNAPP, workload security), Identity and access management (IAM, SSO, zero trust), Detection & response (SIEM, SOAR, EDR/XDR), Application and API security, Data security, encryption, and DLP, DevSecOps and secure SDLC practice
Strong balance of: technical depth (architecture, cloud, security engineering), and strategic leadership (program ownership, executive influence)
Hands-on experience implementing or operating AI-assisted security tools and automation frameworks.
Demonstrated success engaging with executive leadership and Boards on cybersecurity risk and investment decisions.
Experience developing risk-based investment strategies and prioritization frameworks. Ability to translate cybersecurity complexities into executive and Board-level communications.
Exceptional executive communication and storytelling skills.
Proven ability to influence senior leadership and drive alignment on complex risk and investment decisions.

Benefits

Annual performance incentive bonus
Long-term equity awards
Comprehensive health benefits (medical, dental, vision)
401(k) with company match
Generous paid time off and company holidays
Additional wellness and work-life benefits

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cybersecurity program managementcloud security architectureidentity and access managementdetection and responseapplication securitydata securityencryptionDevSecOpsAI-assisted security toolsrisk-based investment strategies

Soft Skills

executive communicationstorytellinginfluencestrategic leadershipprogram ownershipengagement with executive leadershipalignment on risk decisionscomplex problem solvingcontinuous improvementadaptability

Certifications

SOC 2ISO 27001NIST